This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.mft File: KUJPgsfIL8VJlTLlpmUadPYpxao.mft (raw, json) Hash identifier: dfoFRB9fiKDw8DlNfMEZMxkrgZ6nXbRm+BkQVaRxyzE= Subject key identifier: BC:DD:50:FA:6A:F4:D0:03:74:77:45:8C:91:8C:54:9F:16:57:28:A0 Authority key identifier: 29:42:4F:82:C7:C8:2F:C5:49:95:32:E5:A6:65:1A:74:F6:29:C5:AA Certificate issuer: /CN=29424f82c7c82fc5499532e5a6651a74f629c5aa Certificate serial: 019AF2092FE51FDD36916A2B2E296465E776 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUJPgsfIL8VJlTLlpmUadPYpxao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.mft Manifest number: 0B3B Signing time: Sat 06 Dec 2025 05:01:19 +0000 Manifest this update: Sat 06 Dec 2025 05:01:19 +0000 Manifest next update: Sun 07 Dec 2025 05:01:19 +0000 Files and hashes: 1: KUJPgsfIL8VJlTLlpmUadPYpxao.crl (hash: jZEyGY4eSTIeBBstUriwxCzhTxGW/OO0mcArCPHeHiQ=) 2: LS-HothqHRCTuBvSVWWtxn5KyKw.roa (hash: zR/tQekUL1A1uk0QT0EdSKoyCKZ/CYUa+IvE8FHcE34=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.crl rsync://rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.mft rsync://rpki.ripe.net/repository/DEFAULT/KUJPgsfIL8VJlTLlpmUadPYpxao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:2f:e5:1f:dd:36:91:6a:2b:2e:29:64:65:e7:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29424f82c7c82fc5499532e5a6651a74f629c5aa Validity Not Before: Dec 6 05:01:19 2025 GMT Not After : Dec 7 05:01:19 2025 GMT Subject: CN=bcdd50fa6af4d0037477458c918c549f165728a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:cf:f6:86:15:98:45:c4:52:f2:c4:ce:8a:f7: 30:c4:ce:be:4f:d0:ed:d5:77:96:13:67:82:e2:52: 95:23:7f:8d:20:ef:7b:1a:31:3f:cb:00:72:26:42: 2b:56:66:40:bc:14:eb:96:42:dc:a6:fc:08:1e:1d: c5:87:b3:50:97:f0:5d:f3:cd:4a:c8:55:50:bf:34: dd:70:85:b5:3b:b6:6e:69:b1:43:90:62:45:b6:0d: 5f:f2:fb:f8:3f:fd:ce:23:87:f5:4c:47:d1:04:04: 0a:c9:0b:84:a5:fd:c1:8a:bc:ca:24:e6:05:bf:54: 29:f9:25:85:d1:2d:1a:48:08:8d:1f:da:a5:1f:92: 94:71:33:0b:a7:6b:d4:e8:0f:0c:95:1e:39:f5:e1: c3:53:04:0b:71:21:c7:f2:5a:f5:e3:ce:c8:29:fb: 6f:e7:bd:b9:a2:91:02:ba:4f:70:4b:67:54:4d:e5: 5d:29:0d:90:41:47:88:d3:c1:d2:76:db:e2:48:49: 81:77:a7:15:08:0e:3e:79:13:cb:5b:7a:6e:e8:23: 84:3f:67:cc:a3:f1:ee:69:f1:b2:c2:a7:d8:75:e3: 3d:b1:08:ae:97:cb:d8:15:e0:bb:1f:4b:fe:47:5d: 62:fc:18:77:00:bf:fb:67:09:32:d4:ea:a6:c3:f9: 18:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:DD:50:FA:6A:F4:D0:03:74:77:45:8C:91:8C:54:9F:16:57:28:A0 X509v3 Authority Key Identifier: keyid:29:42:4F:82:C7:C8:2F:C5:49:95:32:E5:A6:65:1A:74:F6:29:C5:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUJPgsfIL8VJlTLlpmUadPYpxao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/2f6652-7466-4a16-83da-c1f1a0e497cc/1/KUJPgsfIL8VJlTLlpmUadPYpxao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:1f:d3:06:f7:e4:fc:63:eb:ca:a2:7f:d7:ed:f9:3a:f9:83: 46:a5:27:c9:f7:30:a5:b3:5b:08:ad:0a:8d:0d:61:ea:62:3d: c3:57:3b:35:2f:a8:96:ee:87:01:10:8e:32:19:a8:15:0a:1e: c6:d9:66:59:e2:7b:bf:98:70:98:67:1f:ab:29:7a:72:82:6c: f8:c0:30:16:ce:22:e6:49:06:96:62:04:bf:1d:44:7b:64:04: 7a:37:58:62:43:71:e7:89:76:c2:2f:ce:78:f1:08:45:56:be: 46:9f:ac:95:1e:9d:17:ce:c6:8c:42:15:3c:d4:f7:c2:72:94: cd:ec:fc:8d:81:69:5e:94:fd:f8:6c:6a:c8:7d:a8:eb:cb:34: 95:90:cd:2f:f6:bd:24:ca:bf:ed:e5:d6:d0:5e:69:51:79:0c: 91:d9:10:c2:34:89:be:96:2f:10:a1:87:a7:db:91:37:ae:b3: ad:1f:3f:5d:a9:6d:08:68:98:33:f0:7f:37:63:20:3a:4a:bf: d6:18:de:5a:f8:a1:03:dd:db:af:69:e5:c1:70:96:09:3e:2a: 37:21:85:b3:9c:63:70:b5:03:0d:80:4b:51:1b:ab:1f:c6:b8: 9a:6e:50:d1:d2:22:c3:11:8f:0d:68:41:5e:7a:9d:a5:80:73: 4c:2c:ca:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCS/lH902kWorLilkZed2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NDI0ZjgyYzdjODJmYzU0OTk1MzJlNWE2NjUxYTc0ZjYy OWM1YWEwHhcNMjUxMjA2MDUwMTE5WhcNMjUxMjA3MDUwMTE5WjAzMTEwLwYDVQQD EyhiY2RkNTBmYTZhZjRkMDAzNzQ3NzQ1OGM5MThjNTQ5ZjE2NTcyOGEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM/2hhWYRcRS8sTOivcwxM6+T9Dt 1XeWE2eC4lKVI3+NIO97GjE/ywByJkIrVmZAvBTrlkLcpvwIHh3Fh7NQl/Bd881K yFVQvzTdcIW1O7ZuabFDkGJFtg1f8vv4P/3OI4f1TEfRBAQKyQuEpf3BirzKJOYF v1Qp+SWF0S0aSAiNH9qlH5KUcTMLp2vU6A8MlR459eHDUwQLcSHH8lr1487IKftv 5725opECuk9wS2dUTeVdKQ2QQUeI08HSdtviSEmBd6cVCA4+eRPLW3pu6COEP2fM o/HuafGywqfYdeM9sQiul8vYFeC7H0v+R11i/Bh3AL/7Zwky1Oqmw/kYCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLzdUPpq9NADdHdFjJGMVJ8WVyigMB8GA1UdIwQY MBaAFClCT4LHyC/FSZUy5aZlGnT2KcWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1VKUGdzZklMOFZKbFRMbHBtVWFkUFlweGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yZjY2NTItNzQ2Ni00YTE2LTgzZGEt YzFmMWEwZTQ5N2NjLzEvS1VKUGdzZklMOFZKbFRMbHBtVWFkUFlweGFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC8yZjY2NTItNzQ2Ni00YTE2LTgzZGEtYzFmMWEwZTQ5N2Nj LzEvS1VKUGdzZklMOFZKbFRMbHBtVWFkUFlweGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeR/TBvfk /GPryqJ/1+35OvmDRqUnyfcwpbNbCK0KjQ1h6mI9w1c7NS+olu6HARCOMhmoFQoe xtlmWeJ7v5hwmGcfqyl6coJs+MAwFs4i5kkGlmIEvx1Ee2QEejdYYkNx54l2wi/O ePEIRVa+Rp+slR6dF87GjEIVPNT3wnKUzez8jYFpXpT9+GxqyH2o68s0lZDNL/a9 JMq/7eXW0F5pUXkMkdkQwjSJvpYvEKGHp9uRN66zrR8/XaltCGiYM/B/N2MgOkq/ 1hjeWvihA93br2nlwXCWCT4qNyGFs5xjcLUDDYBLURurH8a4mm5Q0dIiwxGPDWhB XnqdpYBzTCzKeQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:51:41 2025 by rpki-client